[keycloak-user] Is CVE-2019-3868 (session hijacking) fixed in 6.0.1 keycloak release

Bruno Oliveira bruno at abstractj.org
Wed May 8 10:27:13 EDT 2019


Please, take a look at
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3868. It was
fixed.

On Wed, May 8, 2019 at 5:14 AM Shiva Prasad Thagadur Prakash
<shiva.prasad.thagadur.prakash at ericsson.com> wrote:
>
> Hi Guys,
>
> Is CVE-2019-3868 fixed in 6.0.1 Keycloak release? Is there a place
> where I can check the status of different CVEs i.e. whether they are
> fixed or planned to be fixed etc...
>
> Thanks,
> Shiva
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



-- 
- abstractj


More information about the keycloak-user mailing list